usually on port 80
can directly be seen on a web browser
whatweb - to see what web tech is used http ip address - returns headers
dirb website url - directory busting
browsh : can see website on command line
Nmap scripts
banner: returns banner information http-enum http-headers http-methods http-webdav-scan :
metasploit
/auxiiary/scanner/http/http_version - returns server version /auxiiary/scanner/http/brute_dirs - directory bruteforce /auxiiary/scanner/http/robots.txt - reads robots.txt
Apache Servers
curl ip | more - gives web response
wget url - dowloads the page
lynx url - alternative to browsh - easier on the eyes